-
Notifications
You must be signed in to change notification settings - Fork 0
[orabos] A/B root partitions, Third for persistence #14
base: orabos
Are you sure you want to change the base?
Commits on Mar 11, 2024
-
build(deps): bump azure/login from 1.6.1 to 2.0.0
Bumps [azure/login](https://github.com/azure/login) from 1.6.1 to 2.0.0. - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@cb79c77...8c334a1) --- updated-dependencies: - dependency-name: azure/login dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Configuration menu - View commit details
-
Copy full SHA for 8212fae - Browse repository at this point
Copy the full SHA 8212faeView commit details
Commits on Mar 14, 2024
-
Use packages.gardenlinux.io for release page generation (gardenlinux#…
…2041) This is the new apt repo
Configuration menu - View commit details
-
Copy full SHA for 08179be - Browse repository at this point
Copy the full SHA 08179beView commit details -
Configuration menu - View commit details
-
Copy full SHA for 25cf160 - Browse repository at this point
Copy the full SHA 25cf160View commit details
Commits on Mar 18, 2024
-
DISA STIG compliance (gardenlinux#1928)
Add a feature to make the Garden Linux image as compliant as possible to the [Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide](https://www.stigviewer.com/stig/canonical_ubuntu_20.04_lts/2023-09-08/) Note that some items in that STIG simply don't apply to Garden Linux, for example it does not contain a GUI or AppArmor. STIG-specific configuration is encapsulated in the 'stig' feature. To opt in into it, build your image with that feature enabled. Note that this might break other features. The 'stigDev' feature provides a known user/password and ssh key for the purpose of testing. This feature is only intended for development/testing purposes, not for production.
Configuration menu - View commit details
-
Copy full SHA for 3c4e697 - Browse repository at this point
Copy the full SHA 3c4e697View commit details -
Add script to automatically bump SapMachine version (gardenlinux#2043)
So far the SapMachine version we include needs to be updated manually. This PR adds a script to help with that, but the update is still a manual process. The script finds the latest minor/patch version of a given major version along with the checksums of the tarballs. Running `update-sapmachine.py` will print out the variables to be used in `exec.config`. A potential improvement is to edit the `exec.config` script automatically via `update-sapmachine.py`. We still want the checksum and the exact SapMachine version to be stored in the git repo, so we don't want to hide this by automatically running `update-sapmachine.py` during the build for reproducibility reasons. Co-authored-by: Vincent Riesop <v.riesop@sap.com>
Configuration menu - View commit details
-
Copy full SHA for 41d1291 - Browse repository at this point
Copy the full SHA 41d1291View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2b2c2d7 - Browse repository at this point
Copy the full SHA 2b2c2d7View commit details
Commits on Mar 19, 2024
-
Configuration menu - View commit details
-
Copy full SHA for f5d2fff - Browse repository at this point
Copy the full SHA f5d2fffView commit details -
Configuration menu - View commit details
-
Copy full SHA for 529f68b - Browse repository at this point
Copy the full SHA 529f68bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 522cb02 - Browse repository at this point
Copy the full SHA 522cb02View commit details -
build(deps): bump boto3 from 1.34.55 to 1.34.65 in /tests (gardenlinu…
…x#2046) Bumps [boto3](https://github.com/boto/boto3) from 1.34.55 to 1.34.65. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.55...1.34.65) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for cddf931 - Browse repository at this point
Copy the full SHA cddf931View commit details -
Remove docker from gardener feature (gardenlinux#2049)
* Remove docker from gardener feature * Remove docker-in-gardener-specific test
Configuration menu - View commit details
-
Copy full SHA for 6d08af4 - Browse repository at this point
Copy the full SHA 6d08af4View commit details
Commits on Mar 20, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 7e68371 - Browse repository at this point
Copy the full SHA 7e68371View commit details -
Configuration menu - View commit details
-
Copy full SHA for d0c9a47 - Browse repository at this point
Copy the full SHA d0c9a47View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1b36af8 - Browse repository at this point
Copy the full SHA 1b36af8View commit details
Commits on Mar 23, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 2435c2a - Browse repository at this point
Copy the full SHA 2435c2aView commit details
Commits on Mar 25, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 14a2ee1 - Browse repository at this point
Copy the full SHA 14a2ee1View commit details -
Merge pull request gardenlinux#2057 from gardenlinux/feat/bare_flavou…
…rs_tests feat: add tests for bare flavours
Configuration menu - View commit details
-
Copy full SHA for 67e1f55 - Browse repository at this point
Copy the full SHA 67e1f55View commit details -
fix: release page automation - rm package updates section (gardenlinu…
…x#2060) * security update annotations are not tracked in package repository, but in security tracker and other internal tooling. * new package pipeline does not contain annotations for CVEs, thus we need to remove the packages updates section in the release page automation => need to include it manually
Configuration menu - View commit details
-
Copy full SHA for a84c44a - Browse repository at this point
Copy the full SHA a84c44aView commit details -
build(deps): bump actions/cache from 4.0.1 to 4.0.2
Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to 4.0.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@ab5e6d0...0c45773) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Configuration menu - View commit details
-
Copy full SHA for ffd8a4f - Browse repository at this point
Copy the full SHA ffd8a4fView commit details
Commits on Mar 26, 2024
-
Merge pull request gardenlinux#2028 from gardenlinux/dependabot/githu…
…b_actions/azure/login-2.0.0 build(deps): bump azure/login from 1.6.1 to 2.0.0
Configuration menu - View commit details
-
Copy full SHA for 0230faf - Browse repository at this point
Copy the full SHA 0230fafView commit details -
Merge pull request gardenlinux#2061 from gardenlinux/dependabot/githu…
…b_actions/actions/cache-4.0.2 build(deps): bump actions/cache from 4.0.1 to 4.0.2
Configuration menu - View commit details
-
Copy full SHA for 5e25991 - Browse repository at this point
Copy the full SHA 5e25991View commit details
Commits on Apr 9, 2024
-
Stop building openstack and vmware for arm64 (gardenlinux#2069)
* Stop building openstack and vmware for arm64 Those builds fail because of missing open-vm-tools for arm64. Disable builds as they have no consumers anyways. * fix s3 upload
Configuration menu - View commit details
-
Copy full SHA for f43dbbf - Browse repository at this point
Copy the full SHA f43dbbfView commit details -
Improve docs (gardenlinux#2068)
* update LICENSE date * improve readme * badge showing latest LTS version of Garden Linux * simple quick start sections: build, test, download * remove unecessary license badge. we have LICENSE.md file which is commin practise and Github also displays it in UI * remove toc. README is simple enough. * add reference to bare container * add reference to base container * add reference to nvidia installer * remove details about integration tests. Details are explained in developer docs. User readind README only needs to know how to test locally and that we test automatically Co-authored-by: Florian Wilhelm <florian.wilhelm02@sap.com>
Configuration menu - View commit details
-
Copy full SHA for dbabc2a - Browse repository at this point
Copy the full SHA dbabc2aView commit details
Commits on Apr 12, 2024
-
Build lima vm images (gardenlinux#2064)
This PR introduces a workflow for building disk images and yaml manifest for use with lima-vm. Uploading those build artefacts will be done in a separate PR. Co-authored-by: Vincent Riesop <v.riesop@sap.com>
Configuration menu - View commit details
-
Copy full SHA for 12f5b0c - Browse repository at this point
Copy the full SHA 12f5b0cView commit details -
build(deps): bump idna from 3.6 to 3.7 in /tests (gardenlinux#2071)
Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](kjd/idna@v3.6...v3.7) --- updated-dependencies: - dependency-name: idna dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 73462d6 - Browse repository at this point
Copy the full SHA 73462d6View commit details -
build(deps): bump azure-cli from 2.57.0 to 2.59.0 in /tests (gardenli…
…nux#2070) [no ci] Bumps [azure-cli](https://github.com/Azure/azure-cli) from 2.57.0 to 2.59.0. - [Release notes](https://github.com/Azure/azure-cli/releases) - [Changelog](https://github.com/Azure/azure-cli/blob/dev/doc/try_new_features_before_release.md) - [Commits](Azure/azure-cli@azure-cli-2.57.0...azure-cli-2.59.0) --- updated-dependencies: - dependency-name: azure-cli dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 03f9fec - Browse repository at this point
Copy the full SHA 03f9fecView commit details -
build(deps): bump google-auth from 2.28.1 to 2.29.0 in /tests (garden…
…linux#2063) [no ci] Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.28.1 to 2.29.0. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.28.1...v2.29.0) --- updated-dependencies: - dependency-name: google-auth dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 1d70bbf - Browse repository at this point
Copy the full SHA 1d70bbfView commit details -
build(deps): bump google-cloud-storage from 2.15.0 to 2.16.0 in /tests (
gardenlinux#2062) [no ci] Bumps [google-cloud-storage](https://github.com/googleapis/python-storage) from 2.15.0 to 2.16.0. - [Release notes](https://github.com/googleapis/python-storage/releases) - [Changelog](https://github.com/googleapis/python-storage/blob/main/CHANGELOG.md) - [Commits](googleapis/python-storage@v2.15.0...v2.16.0) --- updated-dependencies: - dependency-name: google-cloud-storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 0445e7c - Browse repository at this point
Copy the full SHA 0445e7cView commit details -
build(deps): bump azure-identity from 1.16.0b1 to 1.16.0b2 in /tests (g…
…ardenlinux#2029) [no ci] Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.16.0b1 to 1.16.0b2. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-identity_1.16.0b1...azure-identity_1.16.0b2) --- updated-dependencies: - dependency-name: azure-identity dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for e1fd398 - Browse repository at this point
Copy the full SHA e1fd398View commit details -
GitHub changelog generation (gardenlinux#1961)
* gh: create config for auto changelog generation * GitHub supports the generation of automatic release notes based on PRs. * PRs can be filtered and sorted into categories via PR labels * more details: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes * gh: remove unused labels in changelog config
Configuration menu - View commit details
-
Copy full SHA for aff4992 - Browse repository at this point
Copy the full SHA aff4992View commit details -
add gdch to GitHub action build (gardenlinux#2059)
Co-authored-by: nkraetzschmar <9020053+nkraetzschmar@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for adbeb85 - Browse repository at this point
Copy the full SHA adbeb85View commit details
Commits on Apr 15, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 9458797 - Browse repository at this point
Copy the full SHA 9458797View commit details -
(main branch) fix gdch: exclude systemd-timesyncd in favour of chrony (…
…gardenlinux#2074) * fix gdch: exclude systemd-timesyncd in favour of chrony * fix gdch: exclude irqbalance
Configuration menu - View commit details
-
Copy full SHA for 9828f66 - Browse repository at this point
Copy the full SHA 9828f66View commit details
Commits on Apr 16, 2024
-
build(deps): bump aliyun-python-sdk-core from 2.14.0 to 2.15.1 in /te…
…sts (gardenlinux#2076) Bumps [aliyun-python-sdk-core](https://github.com/aliyun/aliyun-openapi-python-sdk) from 2.14.0 to 2.15.1. - [Commits](https://github.com/aliyun/aliyun-openapi-python-sdk/commits) --- updated-dependencies: - dependency-name: aliyun-python-sdk-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for a2b290c - Browse repository at this point
Copy the full SHA a2b290cView commit details -
build(deps): bump azure-storage-blob from 12.19.0 to 12.19.1 in /tests (
gardenlinux#2078) Bumps [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) from 12.19.0 to 12.19.1. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-storage-blob_12.19.0...azure-storage-blob_12.19.1) --- updated-dependencies: - dependency-name: azure-storage-blob dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ef0bfb7 - Browse repository at this point
Copy the full SHA ef0bfb7View commit details -
build(deps): bump python-novaclient from 18.5.0 to 18.6.0 in /tests (g…
…ardenlinux#2079) Bumps [python-novaclient](https://docs.openstack.org/python-novaclient/latest) from 18.5.0 to 18.6.0. --- updated-dependencies: - dependency-name: python-novaclient dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 90af449 - Browse repository at this point
Copy the full SHA 90af449View commit details -
build(deps): bump azure-identity from 1.16.0b2 to 1.16.0 in /tests (g…
…ardenlinux#2080) Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.16.0b2 to 1.16.0. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-identity_1.16.0b2...azure-identity_1.16.0) --- updated-dependencies: - dependency-name: azure-identity dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 92a7be1 - Browse repository at this point
Copy the full SHA 92a7be1View commit details -
build(deps): bump pytest from 7.4.3 to 8.1.1 in /tests (gardenlinux#2077
) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.1.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.4.3...8.1.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ebfaa19 - Browse repository at this point
Copy the full SHA ebfaa19View commit details
Commits on Apr 17, 2024
-
tests: add kernel config tests (gardenlinux#1983)
* tests: add kernel config tests Tests for cloud and metal feature. Check if SGX configs are enabled and check if MAGIC_SYSRQ config is disabled MAGIC_SYSRQ must be disabled for security audit reasons * remove old unused kernel config test * add exact test * refactor: add rational, arch and key/value tuple * also change test_kernel_config of metal
Configuration menu - View commit details
-
Copy full SHA for 149b9a5 - Browse repository at this point
Copy the full SHA 149b9a5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 68fef56 - Browse repository at this point
Copy the full SHA 68fef56View commit details
Commits on Apr 18, 2024
-
Build with SELinux enabled (gardenlinux#2083)
* Build with SELinux enabled Possible thanks to gardenlinux/builder#73 Tested with podman machine on macos with a new vm that has SELinux enabled * fix: renamed systemd pcrphase binary * Use newer builder image Includes this fix gardenlinux/builder@191279b --------- Co-authored-by: nkraetzschmar <9020053+nkraetzschmar@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for b96dee2 - Browse repository at this point
Copy the full SHA b96dee2View commit details
Commits on Apr 19, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 49bb659 - Browse repository at this point
Copy the full SHA 49bb659View commit details
Commits on Apr 23, 2024
-
Configuration menu - View commit details
-
Copy full SHA for d649809 - Browse repository at this point
Copy the full SHA d649809View commit details
Commits on Apr 25, 2024
-
build(deps): bump boto3 from 1.34.65 to 1.34.89 in /tests (gardenlinu…
…x#2089) Bumps [boto3](https://github.com/boto/boto3) from 1.34.65 to 1.34.89. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.65...1.34.89) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7e197ed - Browse repository at this point
Copy the full SHA 7e197edView commit details -
build(deps): bump pytest from 7.4.3 to 8.1.1 in /tests (gardenlinux#2088
) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.1.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.4.3...8.1.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 266842c - Browse repository at this point
Copy the full SHA 266842cView commit details -
build(deps): bump python-openstackclient from 6.5.0 to 6.6.0 in /tests (
gardenlinux#2087) Bumps [python-openstackclient](https://docs.openstack.org/python-openstackclient/latest/) from 6.5.0 to 6.6.0. --- updated-dependencies: - dependency-name: python-openstackclient dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 3725f2b - Browse repository at this point
Copy the full SHA 3725f2bView commit details -
build(deps): bump azure/login from 2.0.0 to 2.1.0 (gardenlinux#2086)
Bumps [azure/login](https://github.com/azure/login) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@8c334a1...6b24568) --- updated-dependencies: - dependency-name: azure/login dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for c53556a - Browse repository at this point
Copy the full SHA c53556aView commit details
Commits on Apr 30, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 3238cf5 - Browse repository at this point
Copy the full SHA 3238cf5View commit details
Commits on May 3, 2024
-
build(deps): bump pytest from 7.4.3 to 8.2.0 in /tests (gardenlinux#2093
) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.3 to 8.2.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.4.3...8.2.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for aac50f1 - Browse repository at this point
Copy the full SHA aac50f1View commit details -
build(deps): bump redhat-plumbers-in-action/differential-shellcheck (g…
…ardenlinux#2097) Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases) - [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md) - [Commits](redhat-plumbers-in-action/differential-shellcheck@c150708...52bab0c) --- updated-dependencies: - dependency-name: redhat-plumbers-in-action/differential-shellcheck dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for a19c4d4 - Browse repository at this point
Copy the full SHA a19c4d4View commit details -
build(deps): bump aliyun-python-sdk-ecs in /tests (gardenlinux#2096)
Bumps [aliyun-python-sdk-ecs](http://develop.aliyun.com/sdk/python) from 4.24.71 to 4.24.72. --- updated-dependencies: - dependency-name: aliyun-python-sdk-ecs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 978b367 - Browse repository at this point
Copy the full SHA 978b367View commit details -
build(deps): bump boto3 from 1.34.89 to 1.34.94 in /tests (gardenlinu…
…x#2095) Bumps [boto3](https://github.com/boto/boto3) from 1.34.89 to 1.34.94. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.89...1.34.94) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 941f61a - Browse repository at this point
Copy the full SHA 941f61aView commit details -
build(deps): bump oss2 from 2.18.4 to 2.18.5 in /tests (gardenlinux#2094
) Bumps [oss2](https://github.com/aliyun/aliyun-oss-python-sdk) from 2.18.4 to 2.18.5. - [Release notes](https://github.com/aliyun/aliyun-oss-python-sdk/releases) - [Changelog](https://github.com/aliyun/aliyun-oss-python-sdk/blob/master/CHANGELOG.rst) - [Commits](https://github.com/aliyun/aliyun-oss-python-sdk/commits) --- updated-dependencies: - dependency-name: oss2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 2be79c7 - Browse repository at this point
Copy the full SHA 2be79c7View commit details -
Rootless podman feature (gardenlinux#2081)
* Rootless podman feature WIP, currently not building because slirp4netns is missing in repo * bootstrap unit tests * fix sed
Configuration menu - View commit details
-
Copy full SHA for 2621b46 - Browse repository at this point
Copy the full SHA 2621b46View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6bd7215 - Browse repository at this point
Copy the full SHA 6bd7215View commit details
Commits on May 6, 2024
-
Configuration menu - View commit details
-
Copy full SHA for e0d1829 - Browse repository at this point
Copy the full SHA e0d1829View commit details
Commits on May 7, 2024
-
Configuration menu - View commit details
-
Copy full SHA for eb3b78c - Browse repository at this point
Copy the full SHA eb3b78cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 9b119ab - Browse repository at this point
Copy the full SHA 9b119abView commit details
Commits on May 8, 2024
-
In this commit we imitation the fix[0] for `_secureboot`. Since systemd 255 has renamed the naming from pcrextend to pcrphase. Without the build fails: building raw image kvm-python_dev_readonly-amd64-today [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] using base fstab: /builder/features/base/fstab [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] modifying fstab with /builder/features/_readonly/fstab.mod [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] ---- fstab ---- [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=EFI /efi vfat ro,umask=0077 type=uefi,size=128MiB [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=USR /usr ext4 ro verity [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] REPART=00 / ext4 rw ephemeral [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] --------------- [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] mke2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Discarding device blocks: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating filesystem with 123648 4k blocks and 123648 inodes [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Filesystem UUID: 574aaca1-0e64-d36a-f743-e943b6bbca85 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Superblock backups stored on blocks: [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] 32768, 98304 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Allocating group tables: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Writing inode tables: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating journal (4096 blocks): done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Copying files into the device: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Writing superblocks and filesystem accounting information: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] tune2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem is already 123648 (4k) blocks long. Nothing to do! [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Resizing the filesystem on /tmp/tmp.NQarjGu1rf to 128000 (4k) blocks. [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem on /tmp/tmp.NQarjGu1rf is now 128000 (4k) blocks long. [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:03] /usr 5c3c3ad846e38b5b137e5483134ef1518b67eb4cdee901a2ad80556efc1ffcec /tmp/tmp.NQarjGu1rf [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] VERITY header information for /tmp/tmp.NQarjGu1rf.verity [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] UUID: b22d938d-1a08-3803-f9fe-e56a1f5bf88b [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash type: 1 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data blocks: 128000 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data block size: 4096 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash blocks: 1009 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash block size: 4096 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash algorithm: sha256 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Salt: 59cdd7476f7045846a89fb0743b0508cc366b6dfa40a4fc6e3e6e6df095f6ad5 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Root hash: cf485e037bd039c77ebe06c196f11ca553c49408f8e8d5e461f2f40c7255e392 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash device size: 4136960 [bytes] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] ERROR: ld.so: object 'datefudge.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored. [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] /efi ce715d6156ecbde3caf8b52818a27515ae678c1fc3da7167905c7b5c39ae7bdc /tmp/tmp.FpyBisxA15 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] /usr/bin/dracut: line 1067: /sys/module/firmware_class/parameters/path: No such file or directory [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Executing: /usr/bin/dracut --no-hostonly --force --kver 6.6.30-cloud-amd64 --modules "bash dash systemd systemd-initrd systemd-veritysetup systemd-repart kernel-modules kernel-modules-extra terminfo udev-rules dracut-systemd base fs-lib shutdown crypt systemd-pcrphase " --install "/etc/veritytab cryptsetup head mkfs.ext4 systemd-escape lsblk" --include /tmp/tmp.uQc9lA1NcJ / --reproducible /tmp/tmp.xSSK9wE6VQ [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Module 'systemd-pcrphase' will not be installed, because command '/usr/lib/systemd/systemd-pcrphase' could not be found! [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[E]: Module 'systemd-pcrphase' cannot be installed. completed in 107 seconds He also exepcts tpm2 to be preseted now. Hence adding it to the packages. As of now this fixes the build. I'm unsure if the build will work correctly. Since it will fail as follows: [ OK ] Reached target initrd-root-device.target - Initrd Root Device. [ 3.877478] systemd-repart[383]: Automatically determined minimal disk image size as 599.0M, current image size is 584.0M. [ 3.878989] systemd[1]: systemd-repart.service: Main process exited, code=exited, status=1/FAILURE [ 3.880320] systemd[1]: systemd-repart.service: Failed with result 'exit-code'. [ 3.881512] systemd[1]: Failed to start systemd-repart.service - Repartition Root Disk. [ 3.882701] systemd[1]: Reached target initrd-root-device.target - Initrd Root Device. But this might be a different issue.
Configuration menu - View commit details
-
Copy full SHA for 8156398 - Browse repository at this point
Copy the full SHA 8156398View commit details
Commits on May 13, 2024
-
add hack/enable_inactive_workflows script (gardenlinux#2106)
* add hack/enable_inactive_workflows script * make shellcheck happy
Configuration menu - View commit details
-
Copy full SHA for 51017a1 - Browse repository at this point
Copy the full SHA 51017a1View commit details
Commits on May 15, 2024
-
test: rework umask tests (gardenlinux#2113)
What: - repair `non_gcp` flag for python platform tests - add a second umask test `test_umask_cmd` (check via `umask`) - disable `test_umask` for platform gcp tests (check by reading UMASK value from /etc/login.defs) Why we need these tests: - pam_umask reads the umask value from /etc/login.defs: we need to test /etc/login.defs - `/root/.bashrc`, `/root/.profile`, ... can overwrite default value from /etc/login.defs - ➡️ we need to check via umask cmd in root bash environment Conclusion: - We need both tests. Disabling `/etc/login.defs` for gcp only is only acceptable, because we additionally have chroot tests that still check the file content.
Configuration menu - View commit details
-
Copy full SHA for da7a913 - Browse repository at this point
Copy the full SHA da7a913View commit details -
build(deps): bump redhat-plumbers-in-action/differential-shellcheck (g…
…ardenlinux#2103) Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.1.2 to 5.2.0. - [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases) - [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md) - [Commits](redhat-plumbers-in-action/differential-shellcheck@52bab0c...227e162) --- updated-dependencies: - dependency-name: redhat-plumbers-in-action/differential-shellcheck dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 928234e - Browse repository at this point
Copy the full SHA 928234eView commit details
Commits on May 17, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 9ce07cb - Browse repository at this point
Copy the full SHA 9ce07cbView commit details -
Merge pull request gardenlinux#2114 from gardenlinux/fix/test/login.defs
fix: /etc/login.defs permissions
Configuration menu - View commit details
-
Copy full SHA for 1d9487f - Browse repository at this point
Copy the full SHA 1d9487fView commit details
Commits on May 21, 2024
-
build(deps-dev): bump pylint from 3.1.0 to 3.2.2 in /tests (gardenlin…
…ux#2115) updated-dependencies: - dependency-name: pylint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for e7d6a2a - Browse repository at this point
Copy the full SHA e7d6a2aView commit details -
build(deps): bump requests from 2.31.0 to 2.32.0 in /tests (gardenlin…
…ux#2120) updated-dependencies: - dependency-name: requests dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f0336df - Browse repository at this point
Copy the full SHA f0336dfView commit details -
build(deps): bump redhat-plumbers-in-action/differential-shellcheck f…
…rom 5.2.0 to 5.3.0 (gardenlinux#2118) updated-dependencies: - dependency-name: redhat-plumbers-in-action/differential-shellcheck dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 8cba091 - Browse repository at this point
Copy the full SHA 8cba091View commit details -
build(deps): bump google-github-actions/auth from 2.1.2 to 2.1.3 (gar…
…denlinux#2119) updated-dependencies: - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 3c62ae8 - Browse repository at this point
Copy the full SHA 3c62ae8View commit details -
build(deps): bump pytest from 7.4.3 to 8.2.1 in /tests (gardenlinux#2116
Configuration menu - View commit details
-
Copy full SHA for afe1cea - Browse repository at this point
Copy the full SHA afe1ceaView commit details
Commits on May 22, 2024
-
Include test fgor the _secureboot and _readonly
Turns out that the change in dracut isn't stable. The pcrextend is missing in my latest build, breaking readonly again. Hence, I'll keep the change here after all.
Configuration menu - View commit details
-
Copy full SHA for f6df5b5 - Browse repository at this point
Copy the full SHA f6df5b5View commit details -
Merge pull request gardenlinux#2108 from gardenlinux/fix/rename-syste…
…md-pcrextend In this commit, we copy the fix\[0\] for `_secureboot`. Since systemd 255 has renamed the naming from `pcrextend` to `pcrphase.` Without the build fails: building raw image kvm-python_dev_readonly-amd64-today [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] using base fstab: /builder/features/base/fstab [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] modifying fstab with /builder/features/_readonly/fstab.mod [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] ---- fstab ---- [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=EFI /efi vfat ro,umask=0077 type=uefi,size=128MiB [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] LABEL=USR /usr ext4 ro verity [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] REPART=00 / ext4 rw ephemeral [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:22] --------------- [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] mke2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Discarding device blocks: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating filesystem with 123648 4k blocks and 123648 inodes [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Filesystem UUID: 574aaca1-0e64-d36a-f743-e943b6bbca85 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Superblock backups stored on blocks: [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] 32768, 98304 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Allocating group tables: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Writing inode tables: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:47] Creating journal (4096 blocks): done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Copying files into the device: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Writing superblocks and filesystem accounting information: done [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] tune2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem is already 123648 (4k) blocks long. Nothing to do! [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] resize2fs 1.47.1-rc2 (01-May-2024) [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] Resizing the filesystem on /tmp/tmp.NQarjGu1rf to 128000 (4k) blocks. [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] The filesystem on /tmp/tmp.NQarjGu1rf is now 128000 (4k) blocks long. [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:00:55] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:03] /usr 5c3c3ad846e38b5b137e5483134ef1518b67eb4cdee901a2ad80556efc1ffcec /tmp/tmp.NQarjGu1rf [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] VERITY header information for /tmp/tmp.NQarjGu1rf.verity [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] UUID: b22d938d-1a08-3803-f9fe-e56a1f5bf88b [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash type: 1 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data blocks: 128000 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Data block size: 4096 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash blocks: 1009 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash block size: 4096 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash algorithm: sha256 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Salt: 59cdd7476f7045846a89fb0743b0508cc366b6dfa40a4fc6e3e6e6df095f6ad5 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Root hash: cf485e037bd039c77ebe06c196f11ca553c49408f8e8d5e461f2f40c7255e392 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] Hash device size: 4136960 [bytes] [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] ERROR: ld.so: object 'datefudge.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored. [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:04] /efi ce715d6156ecbde3caf8b52818a27515ae678c1fc3da7167905c7b5c39ae7bdc /tmp/tmp.FpyBisxA15 [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] /usr/bin/dracut: line 1067: /sys/module/firmware_class/parameters/path: No such file or directory [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Executing: /usr/bin/dracut --no-hostonly --force --kver 6.6.30-cloud-amd64 --modules "bash dash systemd systemd-initrd systemd-veritysetup systemd-repart kernel-modules kernel-modules-extra terminfo udev-rules dracut-systemd base fs-lib shutdown crypt systemd-pcrphase " --install "/etc/veritytab cryptsetup head mkfs.ext4 systemd-escape lsblk" --include /tmp/tmp.uQc9lA1NcJ / --reproducible /tmp/tmp.xSSK9wE6VQ [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[I]: Module 'systemd-pcrphase' will not be installed, because command '/usr/lib/systemd/systemd-pcrphase' could not be found! [.build/kvm-python_dev_readonly-amd64-today-local.raw 2024-05-08 11:02:09] dracut[E]: Module 'systemd-pcrphase' cannot be installed. completed in 107 seconds He also expects tpm2 to be present now. Hence, adding it to the packages. Lastly, we check for the `pcrphase` binary and only linking it when it's missing. This should have been fixed upstream, however, there might be a regression. Fixes: gardenlinux#2108
Configuration menu - View commit details
-
Copy full SHA for c1ef132 - Browse repository at this point
Copy the full SHA c1ef132View commit details
Commits on May 27, 2024
-
Add target_commitish parameter to POST release api call (gardenlinux#…
…2123) We were missing the target_commitish parameter which means that github is using main branch instead. Docs: https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release
Configuration menu - View commit details
-
Copy full SHA for d2b75f5 - Browse repository at this point
Copy the full SHA d2b75f5View commit details -
updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 29512d5 - Browse repository at this point
Copy the full SHA 29512d5View commit details -
build(deps): bump azure-storage-blob from 12.19.1 to 12.20.0 in /tests (
gardenlinux#2110) Bumps [azure-storage-blob](https://github.com/Azure/azure-sdk-for-python) from 12.19.1 to 12.20.0. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-storage-blob_12.19.1...azure-storage-blob_12.20.0) --- updated-dependencies: - dependency-name: azure-storage-blob dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 7350481 - Browse repository at this point
Copy the full SHA 7350481View commit details -
build(deps): bump azure-cli from 2.59.0 to 2.60.0 in /tests (gardenli…
…nux#2104) Bumps [azure-cli](https://github.com/Azure/azure-cli) from 2.59.0 to 2.60.0. - [Release notes](https://github.com/Azure/azure-cli/releases) - [Changelog](https://github.com/Azure/azure-cli/blob/dev/doc/try_new_features_before_release.md) - [Commits](Azure/azure-cli@azure-cli-2.59.0...azure-cli-2.60.0) --- updated-dependencies: - dependency-name: azure-cli dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d7e484b - Browse repository at this point
Copy the full SHA d7e484bView commit details
Commits on May 31, 2024
-
build(deps): bump azure/login from 2.1.0 to 2.1.1 (gardenlinux#2124)
Bumps [azure/login](https://github.com/azure/login) from 2.1.0 to 2.1.1. - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@6b24568...6c25186) --- updated-dependencies: - dependency-name: azure/login dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 8e47a68 - Browse repository at this point
Copy the full SHA 8e47a68View commit details -
build(deps): bump azure-mgmt-compute from 30.6.0 to 31.0.0 in /tests (g…
…ardenlinux#2125) Bumps [azure-mgmt-compute](https://github.com/Azure/azure-sdk-for-python) from 30.6.0 to 31.0.0. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-mgmt-compute_30.6.0...azure-mgmt-compute_31.0.0) --- updated-dependencies: - dependency-name: azure-mgmt-compute dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for ac67a0f - Browse repository at this point
Copy the full SHA ac67a0fView commit details -
build(deps): bump google-cloud-compute from 1.17.0 to 1.19.0 in /tests (
gardenlinux#2129) Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.17.0 to 1.19.0. - [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.17.0...google-cloud-compute-v1.19.0) --- updated-dependencies: - dependency-name: google-cloud-compute dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for d97d79b - Browse repository at this point
Copy the full SHA d97d79bView commit details -
build(deps): bump azure-mgmt-network from 25.3.0 to 25.4.0 in /tests (g…
…ardenlinux#2127) Bumps [azure-mgmt-network](https://github.com/Azure/azure-sdk-for-python) from 25.3.0 to 25.4.0. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-mgmt-network_25.3.0...azure-mgmt-network_25.4.0) --- updated-dependencies: - dependency-name: azure-mgmt-network dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for a96561c - Browse repository at this point
Copy the full SHA a96561cView commit details
Commits on Jun 6, 2024
-
Configuration menu - View commit details
-
Copy full SHA for b46e3af - Browse repository at this point
Copy the full SHA b46e3afView commit details
Commits on Jun 10, 2024
-
ORA BOS (Ora Baremetal OS) First dump
- Include mlx5 drivers in initramdisk and load it, otherwise we have problems with the setup of the bond (NIC isn't known yet) - Set the DNS on the bond, as cloud-init sets here things up statically, and therefore no DHCP info about the DNS
Configuration menu - View commit details
-
Copy full SHA for bd7ee43 - Browse repository at this point
Copy the full SHA bd7ee43View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8121f78 - Browse repository at this point
Copy the full SHA 8121f78View commit details -
Delete kubeadm specific config
This file overrides the kublet config specifically put there for gardener, and fails with it being there. So we rather remove it.
Configuration menu - View commit details
-
Copy full SHA for d85005f - Browse repository at this point
Copy the full SHA d85005fView commit details -
Add B partition for potential A/B setup
Simply adding a second root.conf instructs systemd-repart to create another root parition of equal size.
Configuration menu - View commit details
-
Copy full SHA for 9c0b4ab - Browse repository at this point
Copy the full SHA 9c0b4abView commit details -
Install openvswitch from debian stable / backports
It isn't part of the gardenlinux repo (yet), so get it in that way for now. It's needed for the neutron OVS and the OVN driver. Also add the loci-users for now. This probably should be replaced with k8s means to map the users.
Configuration menu - View commit details
-
Copy full SHA for 620979c - Browse repository at this point
Copy the full SHA 620979cView commit details -
The gardenlinux kernel crashes currently with the mlx5 driver.
Configuration menu - View commit details
-
Copy full SHA for aacfee0 - Browse repository at this point
Copy the full SHA aacfee0View commit details -
Configuration menu - View commit details
-
Copy full SHA for f16c97f - Browse repository at this point
Copy the full SHA f16c97fView commit details -
Ensure osvdb connection readable for group
The neutron agent will be member of the group openvswitch, but not the openvswitch user itself.
Configuration menu - View commit details
-
Copy full SHA for 7961c4a - Browse repository at this point
Copy the full SHA 7961c4aView commit details -
This ensures, that they have the right permissions
Configuration menu - View commit details
-
Copy full SHA for 8b03235 - Browse repository at this point
Copy the full SHA 8b03235View commit details -
Exclude the secondary partition from auto-mount
The kernel can automatically detect the root based on the GUID value. This marks the second partition as non-auto, to disambiguate between the two partitions. (Aside from the fact that the actual root has the label ROOT).
Configuration menu - View commit details
-
Copy full SHA for fd0ee54 - Browse repository at this point
Copy the full SHA fd0ee54View commit details -
This is a bit of a sledge-hammer method, but for now disable the watchdog, because it kicks in when doing a soft-reboot or a system kexec call. Both cut down the reboot time tremendously. The proper way would be to find out why the watchdog is not fed in those situations.
Configuration menu - View commit details
-
Copy full SHA for 341bd44 - Browse repository at this point
Copy the full SHA 341bd44View commit details -
Probably it would be easier to disable cloud-init networking and to do it completely ourselves, but now I have written it that way that it starts after cloud-init-local and before cloud-init (proper) to copy the settings from the bond to the ovs config.
Configuration menu - View commit details
-
Copy full SHA for 8978a56 - Browse repository at this point
Copy the full SHA 8978a56View commit details -
Fix group permissions for openvswitch
The clients run in the openvswitch group. We create also a openvswitch user just in case, as we might want to switch to that instead of root, like SLES and possibly RHEL do.
Configuration menu - View commit details
-
Copy full SHA for fd31ee9 - Browse repository at this point
Copy the full SHA fd31ee9View commit details -
Reserve the huge-pages on startup
This is rather slow, but it works. We need to move that earlier somehow, maybe right in the initrd with an kexec instead of this.
Configuration menu - View commit details
-
Copy full SHA for e3ee88f - Browse repository at this point
Copy the full SHA e3ee88fView commit details -
We need a chost for gardener, not a khost
The khost pulls in the kubelet, but in gardener the gardener-node-agent manages the kubelet version. And putting one in the image breaks whatever the agent wants to do.
Configuration menu - View commit details
-
Copy full SHA for eb1d6dd - Browse repository at this point
Copy the full SHA eb1d6ddView commit details -
Remove the link /opt/cni/bin from containerd
This conflicts with the calico initcontainer installation script. It tries to mount the directory, but the link points to a non-existant directory. So we simply remove it.
Configuration menu - View commit details
-
Copy full SHA for 94295ed - Browse repository at this point
Copy the full SHA 94295edView commit details -
Change Orabos type from platform to element
There should only be one platform, and that would be for us openstackbaremetal, we add orabos as an element.
Configuration menu - View commit details
-
Copy full SHA for 55bc50c - Browse repository at this point
Copy the full SHA 55bc50cView commit details -
Put the timestamp into the os release
This should help to differentiate between different today releases.
Configuration menu - View commit details
-
Copy full SHA for a2c3f32 - Browse repository at this point
Copy the full SHA a2c3f32View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4a4160c - Browse repository at this point
Copy the full SHA 4a4160cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 746a257 - Browse repository at this point
Copy the full SHA 746a257View commit details -
[orabos] Move patched ignition to its own feature
It breaks the cloud-init based setup, so we need to move it to the pipeline and generate two images (for now).
Configuration menu - View commit details
-
Copy full SHA for 6d6ac90 - Browse repository at this point
Copy the full SHA 6d6ac90View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2789d1c - Browse repository at this point
Copy the full SHA 2789d1cView commit details -
Revert "[ignition] remove duplicated ignite feature, use patched igni…
…tion deb" This reverts commit 2692585.
Configuration menu - View commit details
-
Copy full SHA for 8c46cdd - Browse repository at this point
Copy the full SHA 8c46cddView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6d3d699 - Browse repository at this point
Copy the full SHA 6d3d699View commit details -
Configuration menu - View commit details
-
Copy full SHA for aee2c42 - Browse repository at this point
Copy the full SHA aee2c42View commit details -
[orabos] add conntrack and crictl
to fix kubeadm preflight checks kubeadm.sh[343685]: error execution phase preflight: [preflight] Some fatal errors occurred: kubeadm.sh[343685]: [ERROR FileExisting-crictl]: crictl not found in system path node003-bb274 kubeadm.sh[343685]: [ERROR FileExisting-conntrack]: conntrack not found in system path
Configuration menu - View commit details
-
Copy full SHA for 73f95fa - Browse repository at this point
Copy the full SHA 73f95faView commit details -
Configuration menu - View commit details
-
Copy full SHA for 73a7ec0 - Browse repository at this point
Copy the full SHA 73a7ec0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 938d8a9 - Browse repository at this point
Copy the full SHA 938d8a9View commit details -
Configuration menu - View commit details
-
Copy full SHA for da8441b - Browse repository at this point
Copy the full SHA da8441bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7adf2ec - Browse repository at this point
Copy the full SHA 7adf2ecView commit details -
[orabos] Skip ovs setup if there is no cloud-init.yaml
We want to provision it via ignition, and then there is no cloud-init
Configuration menu - View commit details
-
Copy full SHA for 5f59f67 - Browse repository at this point
Copy the full SHA 5f59f67View commit details -
Configuration menu - View commit details
-
Copy full SHA for c43d6dc - Browse repository at this point
Copy the full SHA c43d6dcView commit details -
Configuration menu - View commit details
-
Copy full SHA for 215478d - Browse repository at this point
Copy the full SHA 215478dView commit details -
Configuration menu - View commit details
-
Copy full SHA for c7af687 - Browse repository at this point
Copy the full SHA c7af687View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6216c49 - Browse repository at this point
Copy the full SHA 6216c49View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8cfc6c0 - Browse repository at this point
Copy the full SHA 8cfc6c0View commit details -
Configuration menu - View commit details
-
Copy full SHA for dc2f7af - Browse repository at this point
Copy the full SHA dc2f7afView commit details -
Configuration menu - View commit details
-
Copy full SHA for 46f6834 - Browse repository at this point
Copy the full SHA 46f6834View commit details -
[ignite] Do not de-install cloud-init, just disable it
It breaks the build, and that is easier for now.
Configuration menu - View commit details
-
Copy full SHA for 7a8e5f6 - Browse repository at this point
Copy the full SHA 7a8e5f6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7501c07 - Browse repository at this point
Copy the full SHA 7501c07View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4043d3c - Browse repository at this point
Copy the full SHA 4043d3cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2e8b361 - Browse repository at this point
Copy the full SHA 2e8b361View commit details -
Configuration menu - View commit details
-
Copy full SHA for eccf023 - Browse repository at this point
Copy the full SHA eccf023View commit details -
[orabos] rm wait-for-networkd.conf dropin
That is leaving systemd-resolved in hanging state even if systemd-networkd.service is up
Configuration menu - View commit details
-
Copy full SHA for 2cc6d58 - Browse repository at this point
Copy the full SHA 2cc6d58View commit details -
Configuration menu - View commit details
-
Copy full SHA for f14312e - Browse repository at this point
Copy the full SHA f14312eView commit details -
[orabox] exclude firewall feature
is also disabled in gardener feature conflicts with nodeport services
Configuration menu - View commit details
-
Copy full SHA for a9a9527 - Browse repository at this point
Copy the full SHA a9a9527View commit details -
* for NFS PVs (needed for prometheus)
Configuration menu - View commit details
-
Copy full SHA for e97caa8 - Browse repository at this point
Copy the full SHA e97caa8View commit details -
[orabos] Also support cloud-init netplan with dhcp
The prior one is if you deploy in an external network, the new one also works in private networks with dhcp.
Configuration menu - View commit details
-
Copy full SHA for 81009eb - Browse repository at this point
Copy the full SHA 81009ebView commit details -
[orabos] Move hugepages to initram stage
Configuring them late in the system setup takes a significant time, doing so very early via a kexec-reboot should be faster. Potentially, changing them on-the-fly early enough might have been enough, but I haven't tested that.
Configuration menu - View commit details
-
Copy full SHA for 99a4c7a - Browse repository at this point
Copy the full SHA 99a4c7aView commit details -
[orabos] Setup OVS also over a single interface
We expect a bond, but when testing with qemu, there will be only a single interface. Cover that as well.
Configuration menu - View commit details
-
Copy full SHA for 0e9cfa6 - Browse repository at this point
Copy the full SHA 0e9cfa6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9defe22 - Browse repository at this point
Copy the full SHA 9defe22View commit details -
Configuration menu - View commit details
-
Copy full SHA for a8bafcf - Browse repository at this point
Copy the full SHA a8bafcfView commit details -
Configuration menu - View commit details
-
Copy full SHA for d5324a1 - Browse repository at this point
Copy the full SHA d5324a1View commit details -
[ignite/metal3] Renamed ignite feature to metal3
This gives us a place to collect all changes relevant to metal3 provisioning (as opposed to adding it to orabos).
Configuration menu - View commit details
-
Copy full SHA for f096a3f - Browse repository at this point
Copy the full SHA f096a3fView commit details -
[orabos] Base it on gardener feature instead
Presumably that is the feature we want to get closest to
Configuration menu - View commit details
-
Copy full SHA for ffc44a8 - Browse repository at this point
Copy the full SHA ffc44a8View commit details -
Configuration menu - View commit details
-
Copy full SHA for e527fca - Browse repository at this point
Copy the full SHA e527fcaView commit details -
Configuration menu - View commit details
-
Copy full SHA for fc87809 - Browse repository at this point
Copy the full SHA fc87809View commit details
Commits on Jun 17, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 618d769 - Browse repository at this point
Copy the full SHA 618d769View commit details
Commits on Jun 19, 2024
-
[orabos] Fix ovsdb permissions race
Doing it in the same unit has a race-condition, as the osdb-server forks of and will create eventually the socket, and at the same time the ExecStartPost script is running. By moving it to its own unit, the script can wait for the socket and adjust the permissions without delaying other units.
Configuration menu - View commit details
-
Copy full SHA for bb68c1a - Browse repository at this point
Copy the full SHA bb68c1aView commit details -
[orabos] A/B root partitions, Third for persistence
We could either have two completely separate paritions, and copy things manually around, or this. Btrfs offers the option create subvolumes for partitioning the data further up. Otherwise we would have to statically determine the size of the home, var, and var/tmp partitions (or at least: home and var). Home should be fairly limited, so that would not be an insurmountable problem. As the VMs will (eventually) only run with non-local storage, the partition will only be used for our data, which should be practically ephemeral, and is only persisted for a faster life-cycle. Brtfs also would offer us the option to use snapshots for rollback, partition the paths further, or and makes it easy to add more paths, in case of need. This includes the read-only /usr directory, now disabled. Adding a normal a/b partition doubles the risk of having chosen the wrong size and having to redeploy from scratch to repartition it.
Configuration menu - View commit details
-
Copy full SHA for d7b5882 - Browse repository at this point
Copy the full SHA d7b5882View commit details